Magnetic stripe card spoofer

After building a USB magnetic stripe reader, [David Cranor] has found a way to fool a magnetic stripe reader using a hand-wound electromagnet and an iPod. The data on a card is read and stored on a computer, then encoded as a WAV file using a C++ program. The iPod plays the WAV file with the data through a single-stage op-amp amplifier connected to the headphone jack. The amplifier is used to drive the electromagnet.

Don’t get your hopes up just yet on strolling through high security installations using this little device. It can only replay the data from a card that has been recorded. If you don’t have a known working card, it won’t get you very far.

The device in T2 was real. The FBI had some in evidence in a documentary I saw a long time ago.

It was a brute force tool for locks there though. Although it probably would have worked on the ATM machines in the 80s. It’d probably take a while for an 8-bit chip to brute force anything involving 16 bytes.

It probably still works on all the above, but ATM machines probably have some alert system; they are on VPNs now, usually running embedded XP. In any case there’s no info on it. It’s obscure like casino cheat computer algorithms, auto passive transponder crypto, etc.

You could drive this with a microcontroller instead of an iPod – that would make the whole process a lot simpler because you could just send the bitstream out one of the pins and into your amplifier. Then you could hook up a card reader to the microcontroller too, and voila, instant card copier. I know you can copy a card really easily with a mag-writer if you’re willing to spend a couple hundred bucks, but that seems so obvious… this seems like it has its advantages. -Taylor

From this it wouldn’t be inconceivable to have a fake housing that covered the original card reader…

It would be card reader > data logger > data spoofer coil > original card reader. That way the user would be unaware of the card data being taken hostage. The card would be read, recorded, and immediately repeated to the real card reader to give the user access while stealing the goods.

I hate it when people mix an iPod into their hacks as an attempt to sound “hip”. Any crappy portable audio device could have been used. Even a cassette Walkman if you really want to be ghetto. As Taylor mentioned, a microcontroller would be ideal for this step.

I once made something like this except I used a needle and my PDA. I wrote a custom “phonebook” style app for my PDA that would allow me to play people’s university IDs into card readers (all I ever used it for was getting into my friend’s buildings without them having to run down and open the door for me).

It has been happening here in NZ. The thief will put a card reader over the original card slot, so that the card will pass through it and into the original card reader on the ATM. It would store a copy of the card, while a camera up above recorded the PIN number the user entered.

@Geek505: Yeah, because even the old ATM machines required human intervention. You couldn’t control anything from bit states on mag stripes; and still can’t.

The T2 device was supposed to be a brute force tool I guess. Even if human intervention wasn’t required, the 8-bit chip would take at least a few hours to find something seeing as the numbers were so long, and bytes.

@Geek505 if you really hate the lack of caps you should install Greasemonkey (assuming you’re using Firefox) and use a custom CSS to overwrite the site’s style and display caps in the comments (they’re there, just displayed in all lowercase through CSS).

C’mon man… where’s the hacking spirit? If you don’t like how something works, hack it… websites shouldn’t be exempt. ;)

If you actually read the tutorial, you’ll see that I refer to a “personal music player” and not an iPod throughout the steps. It just so happens that an iPod is all I had at the moment, and so that’s what ended up in the pictures.

Also, I had been toying with a design involving a microcontroller and an H-bridge, which should be even better than the current setup, but chose to go with this one because I want to write an iPhone app that lets me key in arbitrary data streams to be transmitted to the coil. Yes, that too could be done completely digitally, but going out through the headphone jack of the iPhone is a lot easier than taking apart a data cable.